wolverine-ai 2.8.2 → 2.9.0

package/README.md

@@ -429,6 +429,22 @@ Wolverine (single process manager)
 
 ---
 
+## Token Protection
+
+Three layers prevent token waste:
+
+| Layer | What it catches | Cost |
+|-------|----------------|------|
+| **Empty stderr guard** | Signal kills, clean shutdowns with no error | $0.00 |
+| **Loop guard** | Same error failing 3+ times in 10min → files bug report, stops healing | $0.00 after detection |
+| **Global rate limit** | Max 5 heals per 5 minutes regardless of error | Caps total spend |
+
+**Process dedup:** PID file ensures only one wolverine instance runs. Kills old process on startup.
+
+**Bug reports:** When loop guard triggers, generates a security-scanned report (no secrets/injection patterns) and sends to the platform backend for human review.
+
+---
+
 ## Cost Optimization
 
 Wolverine minimizes AI spend through 7 techniques:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolverine-ai",
-  "version": "2.8.2",
+  "version": "2.9.0",
   "description": "Self-healing Node.js server framework powered by AI. Catches crashes, diagnoses errors, generates fixes, verifies, and restarts — automatically.",
   "main": "src/index.js",
   "bin": {

package/server/config/settings.json

@@ -34,11 +34,11 @@
   "hybrid_settings": {
     "reasoning": "claude-haiku-4-5",
     "coding": "claude-sonnet-4-6",
-    "chat": "claude-haiku-4-5",
+    "chat": "gpt-5-nano",
     "tool": "claude-sonnet-4-6",
     "classifier": "gpt-4o-mini",
     "audit": "gpt-4o-mini",
-    "compacting": "claude-haiku-4-5",
+    "compacting": "gpt-4o-mini",
     "research": "o4-mini-deep-research",
     "embedding": "text-embedding-3-small"
   },

package/src/brain/brain.js

@@ -249,6 +249,14 @@ const SEED_DOCS = [
     text: "Auto-update: wolverine checks npm registry hourly for new versions. When found, runs npm install wolverine-ai@latest, backs up settings.json/.env.local before update and restores after. Config: autoUpdate.enabled (default true) in settings.json. Disable with WOLVERINE_AUTO_UPDATE=false env var. On successful update, signals runner to restart. Protected files never overwritten: settings.json, .env.local, .env, db.js. Update check runs 30s after startup then every hour (configurable via autoUpdate.intervalMs).",
     metadata: { topic: "auto-update" },
   },
+  {
+    text: "Loop guard: detects infinite heal loops and stops burning tokens. Tracks heal attempts by error signature — if 3+ heals fail on same error in 10 minutes, STOPS healing and generates a bug report. Bug report sent to platform backend for human review (security scanned for injection/secrets first). 30-minute cooldown after bug report filed. Process dedup via PID file (.wolverine/wolverine.pid) ensures only one wolverine instance runs — kills old process on startup. Config: WOLVERINE_LOOP_MAX_ATTEMPTS (default 3), WOLVERINE_LOOP_WINDOW_MS (default 600000).",
+    metadata: { topic: "loop-guard" },
+  },
+  {
+    text: "Token waste prevention: 3 layers. (1) Empty stderr guard — signal kills with no error output just restart, no AI ($0.00). (2) Loop guard — 3 failed heals on same error → stop and file bug report, no more AI calls. (3) Global rate limit — max 5 heals per 5 minutes regardless of error signature. Idle server burns exactly $0.00 in tokens.",
+    metadata: { topic: "token-protection" },
+  },
   {
     text: "Cost optimization: 7 techniques reduce heal cost from $0.31 to $0.02 for simple errors. (1) Verifier skips route probe for simple errors (TypeError/ReferenceError/SyntaxError) — trusts syntax+boot, ErrorMonitor is safety net. Prevents false-rejection cascades. (2) Sub-agents use Haiku (classifier model) for explore/plan/verify/research — only fixer uses Sonnet/Opus. 6 Haiku calls=$0.006 vs 6 Sonnet calls=$0.12. (3) Agent context compacted every 3 turns using compacting model — prevents 15K→95K token blowup. (4) Brain checked for cached fix patterns before AI — repeat errors cost $0. (5) Token budgets capped by error complexity: simple=20K agent budget, moderate=50K, complex=100K. Simple errors get 4 agent turns max. (6) Prior attempt summaries (not full context) passed between iterations — concise 'do NOT repeat' directives. (7) Fast path includes last known good backup code so AI can revert broken additions instead of patching around them.",
     metadata: { topic: "cost-optimization" },

package/src/core/runner.js

@@ -23,6 +23,7 @@ const { Notifier } = require("../notifications/notifier");
 const { loadConfig } = require("./config");
 const { ErrorMonitor } = require("../monitor/error-monitor");
 const { startAutoUpdate, stopAutoUpdate } = require("../platform/auto-update");
+const { LoopGuard, ensureSingleProcess } = require("../skills/loop-guard");
 
 /**
  * The Wolverine process runner — v3.
@@ -104,6 +105,12 @@ class WolverineRunner {
       onError: (routePath, errorDetails) => this._healFromError(routePath, errorDetails),
     });
 
+    // Loop guard — detects infinite heal loops, generates bug reports
+    this.loopGuard = new LoopGuard(this.cwd, {
+      maxAttempts: parseInt(process.env.WOLVERINE_LOOP_MAX_ATTEMPTS, 10) || 3,
+      windowMs: parseInt(process.env.WOLVERINE_LOOP_WINDOW_MS, 10) || 600000,
+    });
+
     // Brain — semantic memory + project context
     this.brain = new Brain(this.cwd);
 
@@ -147,6 +154,9 @@ class WolverineRunner {
   }
 
   async start() {
+    // Ensure only one wolverine instance runs — kill any old process
+    ensureSingleProcess(this.cwd);
+
     this.running = true;
     this.retryCount = 0;
 
@@ -405,12 +415,21 @@ class WolverineRunner {
 
       if (!this.running) return;
 
-      if (code === 0 || signal === "SIGTERM") {
+      // Clean exit or graceful shutdown — don't heal
+      if (code === 0 || signal === "SIGTERM" || signal === "SIGINT") {
         console.log(chalk.green("\n✅ Process exited cleanly."));
         this.logger.info(EVENT_TYPES.PROCESS_HEALTHY, "Process exited cleanly");
         return;
       }
 
+      // Killed by signal with no stderr — just restart, don't waste tokens healing
+      if (!this._stderrBuffer.trim() || this._stderrBuffer.trim().length < 10) {
+        console.log(chalk.yellow(`\n⚠️  Process killed (code: ${code}, signal: ${signal}) — no error to heal, restarting`));
+        this.logger.warn(EVENT_TYPES.PROCESS_CRASH, `Killed with no stderr (code: ${code}, signal: ${signal})`, { exitCode: code, signal });
+        this._spawn();
+        return;
+      }
+
       const uptime = Date.now() - this._lastStartTime;
       console.log(chalk.red(`\n💥 Process crashed with exit code ${code} (uptime: ${Math.round(uptime / 1000)}s)`));
       this.logger.error(EVENT_TYPES.PROCESS_CRASH, `Crashed with code ${code}`, {
@@ -466,6 +485,28 @@ class WolverineRunner {
     this._healInProgress = true;
     this._healStatus = { active: true, error: this._stderrBuffer.slice(0, 200), phase: "diagnosing", startedAt: Date.now() };
 
+    // Loop guard: check if we're stuck repeating failed heals
+    const errorSig = RateLimiter.signature(this._stderrBuffer.slice(0, 200), "");
+    const loopCheck = this.loopGuard.check(errorSig);
+    if (!loopCheck.allowed) {
+      console.log(chalk.red(`\n  🔄 ${loopCheck.reason}`));
+      if (loopCheck.shouldReport) {
+        const report = await this.loopGuard.generateBugReport({
+          errorMessage: this._stderrBuffer.slice(0, 500),
+          filePath: null,
+          attempts: loopCheck.attempts,
+          brain: this.brain,
+          logger: this.logger,
+        });
+        await this.loopGuard.sendToBackend(report);
+      }
+      this._healInProgress = false;
+      this._healStatus = null;
+      // Just restart without healing — the bug report is filed
+      this._spawn();
+      return;
+    }
+
     try {
       const result = await heal({
         stderr: this._stderrBuffer,
@@ -482,9 +523,12 @@ class WolverineRunner {
         repairHistory: this.repairHistory,
       });
 
+      // Record attempt for loop guard
+      this.loopGuard.record(errorSig, result.healed, result.agentStats?.totalTokens || 0);
+
       if (result.healed) {
         this._lastBackupId = result.backupId;
-        this.retryCount = 0; // Fresh start after successful heal
+        this.retryCount = 0;
         const mode = result.mode === "agent" ? "multi-file agent" : result.mode || "fast path";
         console.log(chalk.green(`\n🐺 Wolverine healed the error via ${mode}! Restarting...\n`));
 

package/src/core/wolverine.js

@@ -45,6 +45,13 @@ async function _healImpl({ stderr, cwd, sandbox, notifier, rateLimiter, backupMa
   const healStartTime = Date.now();
   const { redact, hasSecrets } = require("../security/secret-redactor");
 
+  // Guard: don't burn tokens on empty stderr (signal kills, clean shutdowns, etc.)
+  if (!stderr || stderr.trim().length < 10) {
+    console.log(chalk.yellow("\n🐺 Empty stderr — nothing to heal (likely signal kill)"));
+    if (logger) logger.warn(EVENT_TYPES.HEAL_FAILED, "Empty stderr — skipping heal");
+    return { healed: false, explanation: "Empty stderr — nothing to diagnose" };
+  }
+
   // Redact secrets BEFORE any processing, logging, or AI calls
   const safeStderr = redact(stderr);
 

package/src/index.js

@@ -38,6 +38,7 @@ const { diagnose: diagnoseDeps, healthReport: depsHealthReport, getMigration } =
 const { checkForUpdate, upgrade: upgradeWolverine, getCurrentVersion } = require("./platform/auto-update");
 const { safeUpdate, createSafeBackup, listSafeBackups, restoreFromSafeBackup } = require("./skills/update");
 const { backup, rollback, rollbackLatest, undoRollback, listBackups } = require("./skills/backup");
+const { LoopGuard, ensureSingleProcess } = require("./skills/loop-guard");
 
 module.exports = {
   // Core
@@ -114,4 +115,6 @@ module.exports = {
   rollbackLatest,
   undoRollback,
   listBackups,
+  LoopGuard,
+  ensureSingleProcess,
 };

package/src/skills/loop-guard.js

@@ -0,0 +1,267 @@
+/**
+ * Loop Guard — detects infinite heal loops and generates bug reports.
+ *
+ * Problem: wolverine can get stuck repeating the same fix attempt,
+ * burning tokens with nothing changing. This happens when:
+ * - The error is beyond the agent's capability to fix
+ * - The fix works but something else breaks, causing a new error
+ * - External deps are missing (not a code issue)
+ * - The verifier keeps rejecting a correct fix
+ *
+ * Solution: track heal attempts with signatures. If the same error
+ * (or same file) triggers N heals in T minutes with no success,
+ * STOP healing and generate a bug report instead.
+ *
+ * Bug reports are sent to the platform backend for human review.
+ */
+
+const fs = require("fs");
+const path = require("path");
+const chalk = require("chalk");
+
+const LOOP_FILE = ".wolverine/loop-guard.json";
+
+class LoopGuard {
+  constructor(cwd, options = {}) {
+    this.cwd = cwd;
+    this.maxAttempts = options.maxAttempts || 3;       // max heals on same error before giving up
+    this.windowMs = options.windowMs || 600000;         // 10 minute window
+    this.cooldownMs = options.cooldownMs || 1800000;    // 30 min cooldown after bug report
+    this._attempts = [];  // { signature, timestamp, success, tokens }
+    this._bugReports = []; // { signature, report, timestamp }
+    this._load();
+  }
+
+  /**
+   * Check if healing should proceed for this error.
+   * Returns { allowed: boolean, reason?: string }
+   */
+  check(errorSignature) {
+    const now = Date.now();
+
+    // Clean old attempts outside window
+    this._attempts = this._attempts.filter(a => now - a.timestamp < this.windowMs);
+
+    // Count recent attempts on this signature
+    const recentAttempts = this._attempts.filter(a => a.signature === errorSignature);
+    const recentFailures = recentAttempts.filter(a => !a.success);
+
+    // Check cooldown from previous bug report on this signature
+    const lastReport = this._bugReports.find(r => r.signature === errorSignature);
+    if (lastReport && now - lastReport.timestamp < this.cooldownMs) {
+      const remaining = Math.round((this.cooldownMs - (now - lastReport.timestamp)) / 60000);
+      return { allowed: false, reason: `Bug report filed ${remaining}min ago — cooldown active` };
+    }
+
+    if (recentFailures.length >= this.maxAttempts) {
+      return {
+        allowed: false,
+        reason: `Loop detected: ${recentFailures.length} failed heals on same error in ${Math.round(this.windowMs / 60000)}min`,
+        shouldReport: true,
+        attempts: recentAttempts,
+      };
+    }
+
+    return { allowed: true };
+  }
+
+  /**
+   * Record a heal attempt.
+   */
+  record(errorSignature, success, tokens = 0) {
+    this._attempts.push({
+      signature: errorSignature,
+      timestamp: Date.now(),
+      success,
+      tokens,
+    });
+    this._save();
+  }
+
+  /**
+   * Generate a bug report using AI reasoning.
+   * Compacts all context into a structured report for human review.
+   */
+  async generateBugReport({ errorMessage, filePath, attempts, brain, logger }) {
+    const { redact } = require("../security/secret-redactor");
+    const safeError = redact(errorMessage || "");
+
+    // Compact attempt history
+    const attemptSummary = (attempts || this._attempts.slice(-5)).map(a =>
+      `[${new Date(a.timestamp).toISOString().slice(11, 19)}] ${a.success ? "OK" : "FAIL"} ${a.tokens} tokens`
+    ).join("\n");
+
+    // Get brain context about this error
+    let brainContext = "";
+    if (brain && brain._initialized) {
+      try {
+        const results = brain.store.keywordSearch(safeError, { topK: 3 });
+        brainContext = results.map(r => r.text.slice(0, 100)).join("\n");
+      } catch {}
+    }
+
+    // Build report without AI (save tokens — the whole point is to stop burning them)
+    const report = {
+      type: "bug_report",
+      timestamp: Date.now(),
+      iso: new Date().toISOString(),
+      error: safeError.slice(0, 500),
+      file: filePath || "unknown",
+      attempts: this._attempts.filter(a => a.signature === (filePath + "::" + safeError.slice(0, 50))).length,
+      totalTokensBurned: this._attempts.reduce((s, a) => s + (a.tokens || 0), 0),
+      history: attemptSummary,
+      brainContext: brainContext.slice(0, 300),
+      recommendation: "This error exceeded automatic healing capacity. Manual investigation required.",
+      severity: "high",
+    };
+
+    // Check for injection/secrets before sending
+    const { hasSecrets } = require("../security/secret-redactor");
+    const reportStr = JSON.stringify(report);
+    if (hasSecrets(reportStr)) {
+      report.error = "[REDACTED — contained secrets]";
+      report.brainContext = "[REDACTED]";
+    }
+
+    // Record the bug report
+    const sig = (filePath || "") + "::" + safeError.slice(0, 50);
+    this._bugReports.push({ signature: sig, report, timestamp: Date.now() });
+    this._save();
+
+    console.log(chalk.red(`\n  🐛 Bug Report Generated`));
+    console.log(chalk.red(`     Error: ${safeError.slice(0, 80)}`));
+    console.log(chalk.red(`     Attempts: ${report.attempts}, Tokens burned: ${report.totalTokensBurned}`));
+    console.log(chalk.red(`     Filed for human review\n`));
+
+    if (logger) {
+      logger.critical("loop_guard.bug_report", `Bug report: ${safeError.slice(0, 100)}`, report);
+    }
+
+    return report;
+  }
+
+  /**
+   * Send bug report to platform backend.
+   */
+  async sendToBackend(report) {
+    try {
+      const https = require("https");
+      const http = require("http");
+      const { URL } = require("url");
+      const { loadConfig } = require("../core/config");
+      const config = loadConfig();
+      const platformUrl = config.telemetry?.platformUrl || "https://api.wolverinenode.xyz";
+
+      const keyPath = path.join(this.cwd, ".wolverine", "platform-key");
+      let key = "";
+      try { key = fs.readFileSync(keyPath, "utf-8").trim(); } catch {}
+      if (!key) return;
+
+      const url = new URL(`${platformUrl}/api/v1/heartbeat`);
+      const body = JSON.stringify({
+        instanceId: require("../platform/telemetry").INSTANCE_ID,
+        timestamp: Date.now(),
+        alerts: [report],
+      });
+
+      const mod = url.protocol === "https:" ? https : http;
+      await new Promise((resolve) => {
+        const req = mod.request({
+          hostname: url.hostname, port: url.port, path: url.pathname,
+          method: "POST",
+          headers: { "Content-Type": "application/json", "Authorization": `Bearer ${key}` },
+          timeout: 5000,
+        }, () => resolve());
+        req.on("error", () => resolve());
+        req.write(body);
+        req.end();
+      });
+    } catch {}
+  }
+
+  getStats() {
+    return {
+      recentAttempts: this._attempts.length,
+      bugReports: this._bugReports.length,
+      totalTokensBurned: this._attempts.reduce((s, a) => s + (a.tokens || 0), 0),
+    };
+  }
+
+  _load() {
+    try {
+      const fp = path.join(this.cwd, LOOP_FILE);
+      if (fs.existsSync(fp)) {
+        const data = JSON.parse(fs.readFileSync(fp, "utf-8"));
+        this._attempts = data.attempts || [];
+        this._bugReports = data.bugReports || [];
+      }
+    } catch {}
+  }
+
+  _save() {
+    try {
+      const fp = path.join(this.cwd, LOOP_FILE);
+      fs.mkdirSync(path.dirname(fp), { recursive: true });
+      fs.writeFileSync(fp, JSON.stringify({ attempts: this._attempts.slice(-50), bugReports: this._bugReports.slice(-20) }, null, 2), "utf-8");
+    } catch {}
+  }
+}
+
+// ── Process Dedup ──
+
+/**
+ * Ensure only one wolverine process runs at a time.
+ * Kills any existing wolverine process before starting a new one.
+ */
+function ensureSingleProcess(cwd) {
+  const { execSync } = require("child_process");
+  const pidFile = path.join(cwd, ".wolverine", "wolverine.pid");
+
+  // Kill old process if PID file exists
+  try {
+    if (fs.existsSync(pidFile)) {
+      const oldPid = parseInt(fs.readFileSync(pidFile, "utf-8").trim(), 10);
+      if (oldPid && oldPid !== process.pid) {
+        try {
+          process.kill(oldPid, 0); // check if alive
+          console.log(chalk.yellow(`  🔒 Killing old wolverine process (PID ${oldPid})`));
+          if (process.platform === "win32") {
+            execSync(`taskkill /PID ${oldPid} /T /F`, { stdio: "ignore", timeout: 5000 });
+          } else {
+            process.kill(oldPid, "SIGTERM");
+            setTimeout(() => { try { process.kill(oldPid, "SIGKILL"); } catch {} }, 3000);
+          }
+        } catch {} // process already dead
+      }
+    }
+  } catch {}
+
+  // Write our PID
+  try {
+    fs.mkdirSync(path.dirname(pidFile), { recursive: true });
+    fs.writeFileSync(pidFile, String(process.pid), "utf-8");
+  } catch {}
+
+  // Clean up on exit
+  process.on("exit", () => { try { fs.unlinkSync(pidFile); } catch {} });
+}
+
+// ── Skill Metadata ──
+
+const SKILL_NAME = "loop-guard";
+const SKILL_DESCRIPTION = "Detects infinite heal loops and generates bug reports. Prevents token waste by stopping repeated failed heals on the same error. Ensures only one wolverine process runs at a time.";
+const SKILL_KEYWORDS = ["loop", "infinite", "stuck", "repeat", "guard", "bug", "report", "dedup", "single", "process", "pid"];
+const SKILL_USAGE = `// Loop guard is automatic — integrated into the heal pipeline.
+// Bug reports filed when 3+ heals fail on same error in 10 minutes.
+// Process dedup runs on startup.
+
+// Manual check:
+const { LoopGuard } = require("wolverine-ai");
+const guard = new LoopGuard(process.cwd());
+const check = guard.check("server/api.js::TypeError");
+// { allowed: false, reason: "Loop detected: 3 failed heals..." }`;
+
+module.exports = {
+  SKILL_NAME, SKILL_DESCRIPTION, SKILL_KEYWORDS, SKILL_USAGE,
+  LoopGuard, ensureSingleProcess,
+};